AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions and listings of claims in the 

application: 

Claims 1-20 (cancelled). 

21 . (Currently amended) A method for providing access to an online service, the 
method comprising: 

receiving a first digital certificate from a user, the first digital certificate attesting to 
at least one attribute of the user; 

determining, based at least in part on the first digital certificate, whether the user 
is authorized to access the online service; and 

if the user is detemnined bv said determining step to be authorized to access the 
online service, issuing a second digital certificate to the user, the second digital 
certificate attesting to the user's permission to access the online service. 

22. (Previously Presented) A method as in claim 21 , further comprising: 
receiving a request from the user to access the online service; 
checking the second digital certificate to determine whether the user has 

permission to access the online service; and 

allowing the user to access the online service if it is determined that the user has 
permission to access the online service. 
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23. (Previously Presented) A method as in claim 22, in which said checking step is 
performed in a protected processing environment at a local computer system from 
which the user made the request to access the online service. 

(Previously Presented) A method as in claim 21 , further comprising: 

sending software for using the online service to the user; 

sending a digital signature for determining the integrity of the software to the 

user. 

25. (Previously Presented) A method as in claim 24, in which the digital signature is 
bound, at least in part, to the identity of the online service. 

26. (Previously Presented) A method as in claim 21 , further comprising: 
providing a third digital certificate to the user, the third digital certificate attesting to the 
identify of the online service, the third digital certificate being issued by a certifying 
authority. 

27. (Previously Presented) A method as in claim 26, in which the first digital 
certificate is issued by the certifying authority. 

28. (Previously Presented) A method as in claim 21 , in which the first digital 
certificate includes an indication of the user's age. 



29. (Previously Presented) A method as in claim 21 , in which the first digital 
certificate identifies a party responsible for paying for the user's access to online 
services. 

30. (Previously Presented) A method as in claim 29, further comprising: 
sending a request for payment to the party responsible for paying for the users 

access to online services; and 

receiving an indication that payment has been received. 

31 . (Previously Presented) A method as in claim 30, in which the steps of (a) sending 
a request for payment and (b) receiving an indication that payment has been received 
are performed prior to performing the step of sending the second digital certificate to the 
user. 

32. (Previously Presented) A method as in claim 21 , in which the second digital 
certificate attests to the user's permission to access the online service until a specified 
date. 

33. (Previously Presented) A method as in claim 21 , in which the at least one 
attribute comprises an indication of the amount of purchases the user is allowed to 
make in a given time period. 



34. (Previously Presented) A method as in claim 21 , in which the online service 
comprises an interactive online game. 

35. (Previously Presented) A method as in claim 34, further comprising: 
sending software for playing the online game to the user in a secure container. 

36. (Previously Presented) A method as in claim 21 , in which the online service 
comprises a subscription. 

37. (Previously Presented) A method as in claim 36, in which the second digital 
certificate includes an expiration date of the subscription. 

38. (Previously Presented) A method as in claim 21 , further comprising: 
collecting payment information from the user. 

39. (Previously Presented) A method as in claim 38, further comprising: 
sending the payment information to a financial clearinghouse. 

40. (Previously Presented) A method as in claim 21 , further comprising: 
collecting information relating to the user's use of the online service. 

41 . (Previously Presented) A method as in claim 40, further comprising: 
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sending the information relating to tlie user's use of the online service to a usage 
clearinghouse. 

42. (Withdrawn) A method for accessing an online service, the method comprising: 
sending a first request to access an online service from a user's site to an online 

service provider's website, the first request including a first digital certificate attesting to 
at least one attribute of the user; 

receiving a request for payment information; 

sending the payment information to the online service provider's website, or a 
website associated therewith; and 

receiving a second digital certificate, the second digital certificate indicating that 
the user is authorized to access the online service; 
accessing the online service. 

43. (Withdrawn) A method as in claim 42, further comprising: 
sending a second request to access the online service; 

ha 

checking the second digital certificate to determine whether the user s 
permission to access the online service; and 

allowing the user to access the online service if it is determined that the user has 
permission to access the online service. 

44. (Withdrawn) A method as in claim 43, in which said checking step is performed in 
a protected processing environment at the user's computer system. 



45. (Withdrawn) A method as in claim 42, further comprising: 
receiving software for using the online service; 

receiving a digital signature for determining the integrity of the software. 

46. (Withdrawn) A method as in claim 45, in which the digital signature Is bound, at 
least in part, to the identity of the online service. 

47. (Withdrawn) A method as in claim 42, further comprising: 

receiving a third digital certificate, the third digital certificate attesting to the 
identify of the online service, the third digital certificate being issued by a certifying 
authority. 

48. (Withdrawn) A method as in claim 47, in which the first digital certificate is issued 
by the certifying authority. 

49. (Withdrawn) A method as in claim 42, in which the first digital certificate includes 
an indication of the user's age. 

50. (Withdrawn) A method as in claim 42, in which the first digital certificate identifies 
a party responsible for paying for the user's access to online services. 
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51 . (Withdrawn) A method as in claim 42, in which the second digital certificate 
attests to the user's permission to access the online service until a specified date. 

52. (Withdrawn) A method as in claim 42, in which the at least one attribute 
comprises an indication of the amount of purchases the user is allowed to make in a 
given time period. 

53. (Withdrawn) A method as in claim 42, in which the online service comprises an 
interactive online game. 

54. (Withdrawn) A method as in claim 53, further comprising: 

receiving a secure container from the online service provider's website, the 
secure container containing software for playing the online game. 

55. (Withdrawn) A method as in claim 42, in which the online service comprises a 
subscription. 

56. (Withdrawn) A method as in claim 55, in which the second digital certificate 
includes an expiration date of the subscription. 

57. (Withdrawn) A method as in claim 42, further comprising: 

sending information relating to the user's use of the online service to a remote 

site. 
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58. (Withdrawn) A method as in claim 57, in which the remote site comprises a 
usage clearinghouse. 

59. (Withdrawn) A method as in claim 57, in which the remote site comprises the 
online service provider's website. 

60. (Canceled) 

61. (Canceled) 

62. (Withdrawn) A computer program product stored on a computer-readable 
medium, the computer program product including instructions that, when executed by a 
computer system, cause the computer system to perform acts comprising: 

sending a first request to access an online service to an online service provider's 
website, the first request including a first digital certificate attesting to at least one 
attribute of a user; 

receiving a request for payment information; 
sending the payment information to the online service provider's website, or a website 
associated therewith; 

receiving a second digital certificate, the second digital certificate indicating that 
the user is authorized to access the online service; and 

accessing the online service. 
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63. (Withdrawn) A computer program product as in claim 62, the CO p"' r''ro a 

e 

r sy m c se 

product further including instructions that, when executed by a compute 'st , au 
the computer system to perform acts comprising: 

sending a second request to access the online service; 

ha 

checking the second digital certificate to detemiine whether the user s 
permission to access the online service; and 

allowing the user to access the online service if it is determined that the user has 
permission to access the online service. ... - ^ .- 
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